Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Logging
Table of Contents |
---|
YOUnite Uses Elastic
YOUnite uses the Open Source Elastic Stack (https://www.elastic.co/products) to log (Logstash), search (Elasticsearch), analyze and visualize (Kibana) all API requests and message bus traffic (most notably all data events).
YOUnite logs directly to Elastic via the Elastic's RESTtful API.
All activity is logged asynchronously. If Elastic is down, calls to the API will fail with forbidden (403) errors. Once Elastic is available again, the API will function againfunctionality returns. In a production environment it is strongly recommended that a Elastic is run as a highly-available, three-node cluster.
This page covers what gets explains events that are logged and provides the information on fields and data values used so that in logging. As a YOUnite user, you can perform searches on requests and data events across the entire MDM ecosystem from a single dashboard.
What Gets Logged
All API requestsWhy Centralized Logging?
Having a centralized logging platform is critical in an MDM ecosystem because from a single dashboard, it allows:
- API consumers to debug and validate requests/responses
- Data Governance Stewards, DBAs, and similar data-focused staff to trace data origins and updates
- IT staff to track usage
What Gets Logged?
- All API requests made to YOUnite
- All data events:
- API requests made to the /drs endpoint
- Callbacks generated by POST /drs/uuid/assembler
- Data events generated by adaptors
- Data event routing to adaptors
- Data event assembling
- API requests made to the /drs endpoint
- Adaptor initialization
For a complete listing of what gets logged, the fields used including the data values that are used for specific fields - see the “Logging Logging Entries and Fields
” section below
Either of these current logging entries can be easily extended to log additional request data (the object model being created, updated, etc.) or response data (results object model of a GET, etc.) for complete auditing of not only who made the modification, but what the modification was. This could be done for the entire resource spectrum or for only specific resources. If needed, the payload data could be easily logged to separate index requiring extended permissions for access.
Kibana
There are two logging links in the YOUnite UI header:
Image Removed
IMPORTANT: Although YOUnite centrally logs all API requests and data events – for security reasons – it does NOT log the data payloads.
Kibana
There are two logging links in the upper right of the YOUnite UI header:
Image Added
- The first link takes the user to the Kibana " Discover " page where where a user can filter and search on log entries based on "fields" (see "Logging Entries and Fields") below.
- The second link takes the user to a Kibana dashboard customized for YOUnite.
Kibana Discover Page
All MDM events are logged using the fields defined in the "Logging Entries and Fields" section below.
Kibana uses Lucene's query syntax . For example, to in the search bar. Once you set the desired Time Range in the upper right corner you can query the central logs for MDM activity (go here for more on how to use the Discover Page). Following are some examples:
To see all GET data events for a given adaptor:
Code Block | ||
---|---|---|
| ||
method:GET AND destination-adaptor-uuid:dd6e0bc6-b385-4c3b-b645-85ccd87c47e6 |
on an adaptor with the UUID dd6e0bc6-b385-4c3b-b645-85ccd87c47e6:
Code Block | ||
---|---|---|
| ||
method:GET AND destination-adaptor-uuid:dd6e0bc6-b385-4c3b-b645-85ccd87c47e6 |
To trace a given data record (DR) with the UUID 621a5a25-e95a-475a-abbc-865da254522a:
Code Block | ||
---|---|---|
| ||
resource-uuid:621a5a25-e95a-475a-abbc-865da254522a |
To get all requests to the "/api/domains/*/versions" API endpoint and endpoints beneath it:
Code Block | ||
---|---|---|
| ||
request:"/api/domains/*/versions" |
Get all data events that attempted to generate new data records (the second example shows only the data events that succeeded):
Code Block | ||
---|---|---|
| ||
method:POST AND data-event-sequence:ORIGINATING AND log-entry-type:MB_REQUEST
method:POST AND data-event-sequence:ORIGINATING AND log-entry-type:MB_REQUEST AND status:MB_REQUEST_SUCCESS |
Same as above but restricted to a domain version (with UUID d8970cb7-bd6f-4371-8d66-9a66fc81d97f):
Code Block | ||
---|---|---|
| ||
method:POST AND data-event-sequence:ORIGINATING AND log-entry-type:MB_REQUEST AND status:MB_REQUEST_SUCCESS AND domain-version-uuid:d8970cb7-bd6f-4371-8d66-9a66fc81d97f |
Same as above but restricted to a given adaptor (with adaptor UUID 64c30e62-b363-4913-9e0a-0e6219b69eee)
Code Block | ||
---|---|---|
| ||
method:POST AND data-event-sequence:ORIGINATING AND log-entry-type:MB_REQUEST AND status:MB_REQUEST_SUCCESS AND domain-version-uuid:d8970cb7-bd6f-4371-8d66-9a66fc81d97f AND source-adaptor-uuid:64c30e62-b363-4913-9e0a-0e6219b69eee |
Anchor | ||||
---|---|---|---|---|
|
Logging Entries and Fields
The table below is a summary of the what MDM events get logged and what the values, or "fields," that get logged for each MDM event.
The following is a description of possible log entry data values:
REQUIRED
These required values are used to index log entries and are required:
- request-type: Requests are either directly related to DATA or other operational events designated as METADATA (see the "Request Types" table below). See the 949725546 list.
- resource-type: The API resource type as defined by the API endpoint (see the "Resource Types" table below). See the 949725546 list.
- zone-uuid: UUID of the zone to which the resource belongs. For API requests, the UUID of the zone the resource belongs tothe resource belongs to. For adaptor or message bus requests, it's the UUID of the zone that owns the resource that generated the event.
- hostname: The hostname of the server handling and logging the request.
- entry-type: A general classification of for log entry types (see the "Audit Log Types" table below). See the #entry-type list.
- timestamp: Timestamp of the event.
OPTIONAL
- method: The API method type called (See "Method Types" list).
- log-entry-type: Classification of log entry types (see "Log Entry Types" list).
- request: The URI of the API request.
- timestamp: Timestamp of the event.
- zone-uuid: For API requests, the UUID of the zone the resource belongs to. For adaptor or message bus requests, its the UUID of the zone that owns the resource that generated the event.
- hostname: The hostname of the server handling and logging the . See the #method list.
- log-entry-type: Classification of log entry types. See the #log-entry-type list.
- request: The URI of the API request.
- network-address: The network address of the server handling and logging the request.
- ssoid: The API consumer's single sign-on ID.
- auth-identity-uuid: The UUID of the API consumer (tied to the ssoid). Note that a single auth-identity can be tied to multiple zone users.
- http-status: The HTTP status code of the API request.
- data-event-sequence: Federated data events go through a sequence of one or more of these steps:
- Originating data event
- Routing data events to adaptors
- Receiving responses from adaptors for routed data events
- Assembling responses
See the #data-event-sequence list.
- dr-notification-uuid: The UUID of the assembler object. An assembler object is created for requests that pull data from one or more adaptors.
- data-event-uuid: A single originating data-event typically generates multiple data-events, each with its own "data-event-uuid", for all appropriate adaptors when When it needs to assemble datadata-event-uuid: A , a single originating data-event typically generates multiple data-events, each with its own "data-event-uuid", for all appropriate adaptors when it needs to assemble data from or broadcast data out to adaptors.
- source-adaptor-uuid: The adaptor from which a data-event originated from.
- destination-adaptor-uuid: The adaptor to which a data-event is getting sent to.
- adaptor-capabilities: List A list of the adaptor's domain version property-processing capabilities.
- adaptor-state: The adaptor's state (see "Adaptor States" list)state. See the #adaptor-state list.
- domain-version-uuid: The domain version specified by a data event.
- resource-uuid: The UUID of the resource the request is operating on.
- request-uuid: API requests are given a random request UUID.
- ssoid: The API consumer's single sign-on ID.
- gold-adaptor-uuids: A list of adaptors designated as "gold" in the data request.
- silver-adaptor-uuids: A list of adaptors designated as "silver" in the data request.
- status: Status for a non-HTTP event. See the #status list.
- message: Typically, but not limited to, an error message.
The values on the left table below are used to index log entries and are required. The right side table below shows what which values are logged for the various MDM events.
REQUIRED: Data Fields Used to Index Log Entries | OPTIONAL: Log Entry Field Data Values | ||||||||||||||||||||||||||||
MDM Events | request-type | resource-type | zone-uuid | entry-type | method | log-entry-type | request | timestamp | zone-uuid | hostname | network-address | auth-identity-uuid | http-status | data-event-seqeuence | dr-notification-uuid | data-event-uuid | source-adaptor-uuid | destination-adaptor-uuid | adaptor-capabilities | adaptor-state | domain-version-uuid | resource-uuid | request-uuid | ssoid | gold-adaptor-uuids | silver-adaptor-uuids | status | message | |
API Request (L20) | METADATA | yes | yes | API | yes | API_REQUEST | yes | yes | yes | yes | yes | yes | yes | yes | |||||||||||||||
Data API Request (L25) | DATA | Limited to DRS or DRS_ASSEMBLER | yes | API | yes | API_REQUEST | yes | yes | yes | yes | yes | yes | yes (dr-uuid) | yes | yes | ||||||||||||||
API Response (L30) | METADATA | yes | yes | API | yes | API_REQUEST_SUCCESS | yes | yes | yes | yes | yes | yes | yes | yes | yes | ||||||||||||||
Data API Response (L35) | DATA | Limited to DRS or DRS_ASSEMBLER | yes | API | yes | API_REQUEST_SUCCESS | yes | yes | yes | yes | yes | yes | yes | yes (dr-uuid) | yes | yes | |||||||||||||
API Error Response (L40) | METADATA | yes | yes | API | yes | API_REQUEST_ERROR | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | |||||||||||||
Data API Error Response (L45) | DATA | yes | yes | API | yes | API_REQUEST_ERROR | yes | yes | yes | yes | yes | yes | yes | yes (dr-uuid) | yes | yes | yes | ||||||||||||
API Request Security Violation (L100) | METADATA | yes | yes | API | yes | API_REQUEST_ERROR | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | |||||||||||||
MDM Events | request-type | resource-type | zone-uuid | entry-type | method | log-entry-type | request | timestamp | zone-uuid | hostname | network-address | auth-identity-uuid | http-status | data-event-seqeuence | dr-notification-uuid | data-event-uuid | source-adaptor-uuid | destination-adaptor-uuid | adaptor-capabilities | adaptor-state | domain-version-uuid | resource-uuid | request-uuid | ssoid | gold-adaptor-uuids | silver-adaptor-uuids | status | message | |
Service Layer POST Assembler Processing (L1) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | GET1 | MB_REQUEST | yes | yes | yes | yes | ORIGINATING | yes | yes | yes (dr-uuid) | yes | optional | optional | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | ||||||||||
POST Assembler Routing Events (L2) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | GET1 | MB_REQUEST | yes | yes | yes | yes | ROUTED | yes | yes | yes | yes | yes (dr-uuid) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | |||||||||||
POST Assembler Routing Event Returned (L3) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | GET1 | MB_REQUEST | yes | yes | yes | yes | ROUTED_RETURNED | yes | yes | yes | yes | yes (dr-uuid) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | |||||||||||
POST Assembler Callback (L4) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | GET1 | MB_REQUEST | yes | yes | yes | yes | ASSEMBLED | yes | yes | yes | yes | yes (dr-uuid) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | |||||||||||
MDM Events | request-type | resource-type | zone-uuid | entry-type | method | log-entry-type | request | timestamp | zone-uuid | hostname | network-address | auth-identity-uuid | http-status | data-event-seqeuence | dr-notification-uuid | data-event-uuid | source-adaptor-uuid | destination-adaptor-uuid | adaptor-capabilities | adaptor-state | domain-version-uuid | resource-uuid | request-uuid | ssoid | gold-adaptor-uuids | silver-adaptor-uuids | status | message | |
PUT, POST, DELETE Event Received From Adaptor (L5) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | PUT, POST or DELETE | MB_REQUEST | yes | yes | yes | yes | ORIGINATING | yes | yes | yes | yes | yes (dr-uuid for PUT and DELETE and null for POST) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | |||||||||||
PUT, POST, DELETE Event Routed to Adaptor (L6) | DATA | DRS_ASSEMBLER | yes | ADAPTOR | PUT, POST or DELETE | MB_REQUEST | yes | yes | yes | yes | ROUTED | yes | yes | yes | yes | yes | yes (dr-uuid) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) | ||||||||||
Adaptor Registration (L10) | METADATA | ADAPTORS | yes | ADAPTOR | ADAPTOR_STATE | MB_REQUEST | yes | yes | yes | yes | yes | yes | yes (See "ADAPTOR STATES" list) | MB_REQUEST_SUCCESS or MB_REQUEST_ERROR | yes (if there is an error) |
1 POST /drs/uuid for a FEDERATED domain version is used in place of a GET /drs/uuid (used for an MDM_DATA_STORE domain version) since assembling a data record takes extra processing – but logically processing. Logically it is a GET, and governance permissions treat POST /drs/uuid as a GET.
Data Field Values
Section | ||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Section | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...